McAfee Host Intrusion Prevention Services < 8.0.0.3828 Authentication Bypass (SB10173)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

A security application installed on the remote host is affected by an
authentication bypass vulnerability.

Description :

The version of McAfee Host Intrusion Prevention Services (HIPS) is
prior to 8.0.0.3828. It is, therefore, affected by an authentication
bypass vulnerability due to improper registry key permissions. A local
attacker can exploit this, under certain conditions, to manipulate the
product's registry keys.

See also :

https://kc.mcafee.com/corporate/index?page=content&id=SB10173
https://kc.mcafee.com/corporate/index?page=content&id=KB70778

Solution :

Upgrade to McAfee Host Intrusion Prevention Services 8.0 Patch 8
(8.0.0.3828) or later.

Risk factor :

Low / CVSS Base Score : 2.1
(CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 1.6
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 95469 ()

Bugtraq ID: 93813

CVE ID: CVE-2016-8007

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now